Hi all.
For a POC application, I'm trying to access an external web service. Technically, it works (using a RFC destination to manage the endpoint, cl_http_client=>create_by_destination and cl_rest_http_client) - but I'm not happy with a certain detail. To use the web service, I need to obtain an access token using this API method. It boils down to the following code:
cl_http_client=>create_by_destination( EXPORTING destination = i_destination IMPORTING client = DATA(http_client) ). data(query_params) = cl_http_utility=>fields_to_string( fields = value #( ( name = 'grant_type' value = 'password' ) ( name = 'username' value = 'username@some.tld') ( name = 'password' value = 'ssssecret' ) ) ). cl_http_utility=>set_request_uri( request = http_client->request uri = |/oauth/token?{ query_params }| ). DATA(rest_client) = NEW cl_rest_http_client( http_client ). DATA(request_entity) = rest_client->if_rest_client~create_request_entity( ). request_entity->set_content_type( iv_media_type ='application/x-www-form-urlencoded' ). rest_client->if_rest_resource~post( io_entity = request_entity ).(and lo and behold, no prefixes! 
)
I'm sure you'll see the issue right away. For some reasons I don't fully understand, the service is designed in a way that I need to specify constant values (particle:particle) using HTTP Basic auth (so that's what specified in the RFC destination), and the "real" user name and password need to be supplied using query parameters. I could simply store them in a customizing table, but for obvious reasons, that's less than optimal. I've tried to store the credentials in the RFC destination, but SAP did a good job of protecting the SECSTORE - as far as I can see, I can't read the password stored in the RFC destinations. Which other options for storing the credentials would you suggest?
Thanks
Volker